<?php
$user = $pass = 'root';

if (!isset ($_SESSION['firstauthenticate'])) {
    session_start();
}
  function authenticate() {
    header('WWW-Authenticate: Basic realm="Sistema autentificaci UnoAutoSur"');
    header('HTTP/1_0 401 Unauthorized');
//    header("Status: 401 Access Denied"); 
    echo "Unauthorized\n";
    exit;
  }
if (!isset($_SERVER['PHP_AUTH_USER']) || strcmp ($_SERVER['PHP_AUTH_USER'],$user)!=0 || 
      !isset ($_SERVER['PHP_AUTH_PW']) || strcmp($_SERVER['PHP_AUTH_PW'],$pass)!=0 || !isset ($_SESSION['firstauthenticate']) || !$_SESSION['firstauthenticate']) {
     $_SESSION['firstauthenticate']=true;
   authenticate();
} else {
            //I destroy the session var now
    session_unset();
            //Your code below
}

# print_r($_SERVER);

if ($_SERVER['PHP_AUTH_USER'] != "" && $_SERVER['PHP_AUTH_PW'] != "" && preg_match("/^Basic\s+(.*)$/i", $_SERVER['HTTP_AUTHORIZATION'], $matches)) 
{ 
  print_r(explode(":", base64_decode($matches[1]))); 
} 
